|
|
Posted by JB05UK on 06/06/05 20:56
Ahhh, for storing session passwords...if you really need to store a
password in the session then try using md5, like so...
$psw = md5($_POST['txtPassword']);
Then to verify a users password just do the same and compare to the
stored md5 value in your database.
But, its a very bad idea storing passwords in your sessions full stop if
using a shared server.
James
Alessandro Rosa wrote:
> I want to thank you all for previous helpings.
>
> Really the first code was easy to be solved, but
> this is how it shall work out. This is a program running
> locally and the trouble is that session vars are stored
> in local files. I must avoid to store a plain text password
> therein, thus I need to crypt and save it into session.
>
> When 2.php file just displays session data (it is test environemnt),
> but the output is blank !
>
> Suggest a different approach ?
>
> Alessandro Rosa
>
>
> <?php
> session_start();
>
> ////////////////////////////////////////////////////////////
> require_once('crypting.php');
> require_once(dirname(__FILE__).'/../mysql_wrap/mysql_man.php');
>
> $handle_db = connect_to_mysql_server();
> $psw = $_POST['txtPassword'];
> $psw = encrypt( $psw, get_crypt_key() );
> sql_disconnect( $handle_db );
>
> $_SESSION['session_user'] = $_POST['txtIdUtente'];
> $_SESSION['session_password'] = $psw;
> ////////////////////////////////////////////////////////////
>
> session_cache_limiter('private');
>
> require_once("config.inc.php");
> $PHPcmd = $GLOBALS['gestionale_path_name']."phpcode/login/2.php" ;
>
> header( "Location: ".$PHPcmd );
>
> ?>
Navigation:
[Reply to this message]
|